2012/5/2 E.S. Rosenberg <esr@xxxxxxxxxxx>: > Hi, > I just thought I'd share the script I have for the squid side, maybe > someone finds it useful. > I wrote in PHP because I wanted to use prepared statements and am most > familiar with PDO. > > Now my logs have usernames but squid does not allow me to make > proxy_auth acls since I have no auth mechanism configured (this > particular squid instance is a museum piece - 2.6, soon to be > replaced), if this issue also exists in squid 3.1 then how would I > control users based on a username returned through an external ACL? > > Thanks, > Eli I stuck the script on my server, that makes an easier read then from inside a mail: http://kotk.nl/verifyIP.phps Hope that helps, Eli > > The code: > #!/usr/bin/php > <?php > /***** > * Developed for the Jerusalem College of Technology Computer Center > by E.S. Rosenberg aka Keeper of the Keys > * 2012/5772 > * Released on: 2/May/2012 - 10 Iyar 5772 > * License: GNU GPLv2 > **** > * Short: external ACL helper for squid that allows associating > usernames in a database with IPs. > **** > * Description: > * This script is running in a never ending loop and reads an IP > address from stdin. > * It then queries a database about the username currently associated > with that IP. > * If a name is associated it returns "OK user=username". > * Else it returns "ERR" > **** > * Depends: > * - PHP5.x with PDO (tested & working on 5.1 but highly recommended to use 5.3+ > *****/ > > $db['server'] = ''; > $db['db'] = ''; > $db['user'] = ''; > $db['passwd'] = ''; > > try { > $pdo_con = new > PDO("mysql:host=".$db['server'].";dbname=".$db['db'], $db['user'], > $db['passwd'], array(PDO::ATTR_PERSISTENT => true)); > } > catch (PDOException $e) { > echo "Error!: " . $e->getMessage() "\n"; > die(); > } > > //Prepare the Stored Procedure, so that it executes faster. > //Our stored procedure is basically a select `username` where `ip` = ? > $query = $pdo_con->prepare('call `db_name_here`.`procedure_name_here` ( ? )'); > $query->bindParam(1, $ip, PDO::PARAM_STR, 40); > > //Loop to answer squid. > while(1) { > $line = trim(fgets(STDIN)); > $ip = $line; > > $res = $query->execute(); > > handle_PDO_error($query); > > if($res) { > $res = $query->fetch(PDO::FETCH_ASSOC); > } > //Even though the result set should be just one row php seems to have > a problem with prepared stored procedures... > closeCursor($query); > > if(isset($res['user']) && $res['user'] != '') { > echo $line[0] ." OK user=". $res['user'] ."\n"; > } else { > echo "ERR\n"; > } > } > > function handle_PDO_error($pdoObject) { > if($pdoObject->errorCode() != '00000') { > fwrite(STDERR, "Sorry, Database error: ". $pdoObject->errorCode() ."\n"); > fwrite(STDERR, var_dump($pdoObject->errorInfo())); > } > } > > /** > * From: http://il.php.net/manual/en/pdostatement.closecursor.php > * @param PDOStatement $oStm > */ > function closeCursor($oStm) { > do $oStm->fetchAll(); > while ($oStm->nextRowSet()); > } > ?> > > > 2012/4/10 akadimi <amine.kadimi@xxxxxxxxx>: >> Hi Amos, >> >> Could you give me more details on your new session helper as soon as it >> becomes available. >> >> Regards, >> >> -- >> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/external-acl-code-examples-tp4424505p4546016.html >> Sent from the Squid - Users mailing list archive at Nabble.com.
